﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.SqlClient;
using System.Data;
using System.Security.Cryptography;

/// <summary>
/// user 的摘要说明
/// </summary>
public class user
{
    public int id { get; set; }
    public string name { get; set; }
    public string idcard { get; set; }
    public string userLogin { get; set; }
    public string password { get; set; }
    public string sex { get; set; }
    public byte[] photo { get; set; }
    public string email { get; set; }
    public DateTime registTime { get; set; }
    public string address { get; set; }
    public DateTime birthday { get; set; }
    public string telephone { get; set; }
    public string homeUrl { get; set; }
    public string userInfo { get; set; }
    public int status { get; set; }
    public string errorMsg { get; set; }   //用于存放错误消息
    public user() { }
    public user(int uId)//构造函数
    {
        string sqlStr = "SELECT * FROM USER WHERE id=" + uId.ToString();
        DB db = new DB();
        DataRow dr = db.GetDataRow(sqlStr);
        if (dr == null)
        {
            errorMsg = "指定的用户id不存在";
            id = -1;
        }
        else
        {
            Init(dr);
        }
    }
    private void Init(DataRow dr)//初始化
    {
        id = Int32.Parse(dr["id"].ToString());
        name = dr["name"].ToString();
        userLogin = dr["userLogin"].ToString();
        password = dr["password"].ToString();
        sex = dr["sex"].ToString();
        idcard = dr["idcar"].ToString();
        if (dr.IsNull("photo"))
            photo = null;
        else
            photo = (byte[])dr["photo"];
        if (dr.IsNull("email"))
            email = null;
        else
            email = dr["email"].ToString();
        registTime = (DateTime)dr["registTime"];
        if (dr.IsNull("address"))
            address = null;
        else
            address = dr["address"].ToString();
        if (dr.IsNull("birthday"))
            ;
        else
            birthday = (DateTime)dr["birthday"];
        if (dr.IsNull("telephone"))
            telephone = null;
        else
            telephone = dr["telephone"].ToString();
        homeUrl = dr["homeUrl"].ToString();
        if (dr.IsNull("userInfo"))
            userInfo = null;
        else
            userInfo = dr["userInfo"].ToString();
        if (dr.IsNull("status"))
            status = 0;
        else
            status = Int32.Parse(dr["status"].ToString());
    }




    public bool login(string userLogin, string password)//登录
    {
        string sqlStr = "SELECT * FROM [user] WHERE userLogin='" + userLogin + "'";
        System.Diagnostics.Debug.Write(sqlStr);
        DB db = new DB();
        DataRow dr = db.GetDataRow(sqlStr);
        if (dr == null)
        {
            errorMsg = "登录名不存在";
            return false;
        }
        SHA1CryptoServiceProvider sha1csp = new SHA1CryptoServiceProvider();
        byte[] src = System.Text.Encoding.UTF8.GetBytes(password);
        byte[] des = sha1csp.ComputeHash(src);//加密后的密码
        if (dr["password"].ToString() == Convert.ToBase64String(des))
        {
            Init(dr);
            return true;
        }
        else
        {
            errorMsg = "密码输入有误";
            return false;
        }
    }
    public bool register(user user)//注册
    {
        bool ret = true;
        string sqlString = "INSERT INTO [user](name,idcar,userLogin,password,sex,email,registTime,address,birthday,telephone,homeUrl,userInfo) " +
            "VALUES('" + user.name + "'," + user.idcard + ",'" + user.userLogin + "','" + user.password + "','" + user.sex + "','" + user.email + "','" + user.registTime + "','" + user.address + "','" + user.birthday + "','" + user.telephone + "','" + user.homeUrl + "','" + user.userInfo + "')";
        System.Diagnostics.Debug.Write(sqlString);
        DB db = new DB();
        db.open();
        db.BeginTrans();
        try
        {
            int result = db.ExecuteSQLNonQuery(sqlString, null, true);
            if (result < 1)
            {
                db.Rollback();
                throw new Exception("插入新记录失败");
            }
            db.Commit();
        }
        catch (Exception e)
        {
            db.Rollback();
            ret = false;
            errorMsg = e.Message;
        }
        finally
        {
            db.close();
        }
        return ret;
    }
    public bool checkLogin(string uLogin)//检查登录名是否可用
    {
        string sqlStr = "SELECT * FROM USER WHERE userLogin='" + uLogin + "'";
        DB db = new DB();
        DataRow dr = db.GetDataRow(sqlStr);
        if (dr == null)
            return false;//用户名不存在
        return true;
    }
    public void modify()//个人信息维护
    {
        List<SqlParameter> sqlParams = new List<SqlParameter>();
        string sqlStr = "UPDATE  [user] SET name = @name,idcar=@idcard,sex=@sex ,email=@email "
            + ",address=@address ,userInfo=@userInfo,telephone=@telephone ,birthday=@birthday,homeUrl=@homeUrl";
        sqlStr += " WHERE id=" + id.ToString();
        sqlParams.Add(new SqlParameter("@name", name));
        sqlParams.Add(new SqlParameter("@sex", sex));
        sqlParams.Add(new SqlParameter("@email", email));
        sqlParams.Add(new SqlParameter("@address", address));
        sqlParams.Add(new SqlParameter("@userInfo", userInfo));
        sqlParams.Add(new SqlParameter("@telephone", telephone));
        sqlParams.Add(new SqlParameter("@idcard", idcard));
        sqlParams.Add(new SqlParameter("@homeUrl", homeUrl));
        if (birthday.Year == 1)
            sqlParams.Add(new SqlParameter("@birthday", DBNull.Value));
        else
            sqlParams.Add(new SqlParameter("@birthday", birthday));
        DB db = new DB();
        db.ExecuteSQLNonQuery(sqlStr, sqlParams);
    }

}